Attacks/Breaches

7/24/2017
05:00 PM
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Voter Registration Data from 9 States Available for Sale on Dark Web

Nearly 10 million voter records sold for just $4 over last few days, according to LookingGlass Cyber Solutions.

Threat intelligence company LookingGlass Cyber Solutions says it has discovered over 40 million voter records from nine different states being traded in an underground forum for stolen credit card data and login credentials.

The voter records being offered for sale include the voter's full first, last and middle name, voter ID, birthdate, voter status, party affiliation, residential address and other details. The data belongs to voters in Arkansas, Colorado, Connecticut, Delaware, Florida, Michigan, Ohio, Oklahoma and Washington State.

Over the last two days, voter databases from at least two of the states—Arkansas and Ohio—were sold for a mere $2 each, or a total of $4 for almost 10 million voter records. That suggests financial gain is not the primary reason for the activity, according to LookingGlass.

'Logan,' the individual who has advertised the data and is selling it on a site called RaidForums, has hinted at possessing voter records for an additional 20 to 25 states, says Jonathan Tomek, director of threat research at LookingGlass Cyber Solutions.

Logan appears to have obtained the voter information through Freedom of Information Act (FOIA) requests, website requests, and also through social engineering them from states where an entity would otherwise be required to purchase the information, he says.

What makes his activities additionally illegal is his attempt to sell the data for purposes other than political purposes, he noted. Many states prohibit the republishing of voter data or the use of it for commercial purposes. Violators can face fine and prison terms of up to five years.

"Logan is not affiliated with any group to our knowledge," Tomek says. "We believe he is acting alone. I can say he is over 18, travels a bit internationally, and works for a cybersecurity company," he says.

Tomek says LookingGlass does not have information on how many people might have purchased the voter information or what they might do with it. "We do know he is actively trading this information for other stolen items such as credit cards and login credentials," he says. "The combination of the voter information plus the other data has potential to be very bad since the voter data contains birthday, home address, email, and full name."

News of the sale of millions voter records in an underground cyber forum comes amid an ongoing controversy over the Trump Administration's push to get publicly available voter registration records from each state in connection with an inquiry into potential voter fraud in last year's general elections.  A Trump appointed election integrity commission in fact met for the first time just last Wednesday to discuss next steps into the matter.

A total of 24 states have so far complied with the Trump Administration's request for voter data. But the District of Columbia and 17 states have so far refused to hand over the data. Some groups like the American Civil Liberties Union (ACLU) have sued the Trump election commission citing voter suppression fears.

The Help America Vote Act (HAVA) currently requires all 50 states to maintain a central voter file in electronic format. The content and availability of the data in these files varies dramatically by state, as can be seen in this U.S. Election Project interactive map maintained by the University of Florida, Gainesville.

Some states make all the information they have in their voter files available to those eligible to view or purchase the data. Others withhold certain information like the voter's Social Security Number, date of birth and driver's license number. As PBS noted in a report last week, 19 states consider an individual's full birth date to be part of the public record, while a voter's race and party affiliation is considered public information in six states and 32 states respectively.

Currently, only the registered parties, political committee and a candidate or their committee registered in all areas can purchase all available statewide voter data, according to the US Elections Project website. The total cost for a US citizen to purchase all available voter registration data for all states is around $126,500. Politically oriented non-profits, candidates, parties and their committee would pay around $136,000.

Related content:

 

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Risk, Privacy, and Information Security Officer, AvePoint, Inc.,  8/20/2018
Ohio Man Sentenced To 15 Months For BEC Scam
Dark Reading Staff 8/20/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15667
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can...
CVE-2018-15668
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the "send" command with the "attachment_" prefix designate atta...
CVE-2018-15669
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that requests from HTMLIFrameElements are blacklisted. However, other sub-classes of HTMLFrameOwnerElements are...
CVE-2018-15670
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that OpenURL is the default URL handler. A navigation request is processed by the default URL handler only if t...
CVE-2018-15671
PUBLISHED: 2018-08-21
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service.